COVID-19 Crisis Pandemic: Email Security & Home Working

The 2019 Novel Coronavirus pandemic has meant that many workers have had to self-isolate at home and an increasing number of employees wish to work from home to reduce risk of contracting COVID-19. Companies are under pressure to allow their workers to stay at home and use either company-issued or personal devices to log onto their networks and work remotely.

Cybercriminals are always changing their tactics, techniques, and procedures and they have jumped at the opportunity served up by the Novel Coronavirus. People are wary and rightly so. COVID-19 has a high mortality rate and the virus is spreading rapidly. People want information about cases in their local district, advice on how to safeguard themselves, and information about possible cures. Hackers have obliged and are conducting phishing campaigns that claim to offer all that information. Many campaigns have now been discovered from many different threat groups that attempt to obtain login credentials and spread malware. Since the start of January when the first major campaigns were detected, the volume of coronavirus and COVID-19 emails has increased majorly.

Campaigns are being run impersonating different governmental and non-governmental bodies on the Novel Coronavirus and COVID-19, such as the World Health Organization (WHO), the U.S. Centers for Disease Control and Prevention (CDC), the U.S. Department of Health and Human Services, and other government agencies. COVID-19-themed emails are being shared with remote workers that spoof HR departments warning about cases that have been detected within the group. Health insurers are being spoofed in campaigns that include invoices for information on COVID-19.

Since January, more in excess of 16,000 Coronavirus and COVID-19-themed domains have been registered which are being used to host phishing kits and distribute malware. Experts at CheckPoint Software report that those domains are 50% more likely to be malicious than other domains registered in the same length of time.

Email security and home working will naturally be a major worry for IT teams given the sheer number of home workers due to the Coronavirus pandemic and the volume of attacks that are now being conducted focusing on home workers. With so many devices now connecting to networks remotely, if cybercriminals do obtain credentials, it will be much more difficult for IT teams to identify threat actors connecting remotely. Luckily, there are steps that can be taken to improve email security and home working need not majorly increase risk.

You should see to it that your employees can only connect to your network and cloud-based services through a VPN. Enterprise VPNs can be set up to force all traffic through the VPN to reduce the potential for mistakes. Make sure that the VPN is set up to start automatically when the device is turned on up.

It is vital that all remote workers are protected by a strong and effective email security solution. It is not possible to stop hackers targeting remote workers, but it is possible to prevent phishing and malware threats from reaching inboxes.

To safeguard your employees against phishing attacks and malware, an advanced email security solution is vital. If you use Office 365 for email, do not use on Office 365 email security. You will need greater protection than Exchange Online Protection provides to safeguard against phishing, spear phishing, and zero-day threats.

SpamTitan has a number of different detection mechanisms to identify and block the full range of email threats. SpamTitan incorporates SPF and DMARC to put in place protection against email impersonation attacks, machine learning algorithms and predictive technology to safeguard from zero-day attacks, advanced phishing protection from whaling and spear phishing attacks by scanning inbound email in real-time, dual antivirus engines to prevent malware threats, and sandboxing for in depth analysis of suspicious attachments. SpamTitan also incorporates 6 specialist RBLs, supports whitelisting, blacklisting, and greylisting, and uses multiple threat intelligence feeds.

There is a higher risk of insider threats with remote workers. To supply protection and to prevent accidental policy breaches, SpamTitan has a data loss prevention filter to stop credit card numbers, Social Security numbers, and other data types from being sent over email.

No email security solution can 100% prevent all email threats from infiltrating your inbox, 100% of the time. It is therefore important to provide regular cybersecurity training to employees to make them knowledgeable of phishing threats, train them how to identify a phishing email or social engineering scam, and to condition remote employees how to react should a threat be received. Phishing simulation exercises are also helpful to see which employees require additional training and to identify possible gaps in training programs. IT security basic training refreshers should also be given to ensure employees know what can and cannot be completed with work devices.

Multi Factor authentication must be put in place on all applications and email accounts to add security in the event of an account compromise. If credentials are stolen and used from a previously unknown location or an unfamiliar device, a second authentication factor must be given before access is granted. You should also turn off macros on all user devices, unless a specific user needs to use macros for work reasons.

To discover more about how you can enhance email security for remote workers, give the TitanHQ team a call now. You can set up a demonstration to see SpamTitan in action and you can also register for a free trial to put SpamTitan to the test on your own network.